An update for openvswitch is now available for Red Hat Enterprise LinuxOpenStack Platform 7.0 (Kilo) for RHEL 7.

Red Hat Product Security has rated this update as having a security impactof Important. A Common Vulnerability Scoring System (CVSS) base score,which gives a detailed severity rating, is available for each vulnerabilityfrom the CVE link(s) in the References section.

Open vSwitch provides standard network bridging functions and support forthe OpenFlow protocol for remote per-flow control of traffic.

Security Fix(es):

* A buffer overflow flaw was discovered in the OVS processing of MPLSlabels. A remote attacker able to deliver a frame containing a maliciousMPLS label that would be processed by OVS could trigger the flaw and usethe resulting memory corruption to cause a denial of service (DoS) or,possibly, execute arbitrary code. (CVE-2016-2074)

Red Hat would like to thank the Open vSwitch project for reporting thisissue. Upstream acknowledges Kashyap Thimmaraju and Bhargava Shastry as theoriginal reporters.

4. Solution:

For details on how to apply this update, which includes the changesdescribed in this advisory, refer to: